in x86 some operations are allowed only with specific registers: the result of 32-bit division goes to eax, while the remainder goes to edx; the result of multiplication goes to the edx:eax pair too.
the xlatb operation uses al & ebx.
data movement (string instructions) uses esi & edi.
pointing via the ebp register is 1 byte shorter than via any other register.

so in data transfer & many operations the registers are equivalent, but when you need to execute a register-specific instruction you should use other registers or memory.
And esp: only with that register are pushes, pops, calls, rets executed.

but a calling convention is a slightly different thing than register roles.

a convention determines how params of different sizes will be passed: whether they will be passed via registers (and via which) or/and via the stack, whether the callee or the caller is responsible for clearing the stack to its state before the call, in what order params will be passed, whether the stack will be aligned or not, and so on...

13 May 2020, 16:34

Ali.Z

Joined: 08 Jan 2018
Posts: 344

Stefx wrote:

First of all, what I would like to ask: does each register have a specific job?

Code:

subroutine:
push eax
mov ebx, esp
sub esp,8

Program was working good but does using different registers matter?

it seems unclear to you what is meant by PUSH?
we PUSH a value on top of the stack to preserve it or pass it to a function/subroutine/procedure.

that is why Tomasz Grysztar PUSHed EBP to preserve it, and loaded ESP into EBP; if we were in a nested subroutine and did not preserve the value of EBP then that would cause a crash.

using different registers always matters; as for whether registers have a specific job: YES, but they are general-purpose registers.
ProMiNick already mentioned some examples; in addition to what ProMiNick wrote, every register in x86 mode has some specific uses by some specific instructions.

EAX = Accumulator, used by many x86 instructions. we can't count these, as writing them down would take 30 minutes to an hour.

ECX = Counter, used by few x86 instructions. REP/REPE(Z), REPNE(Z), JCXZ, JECXZ, few more ..

EDX = Data, some specific instructions.

EBX = Base, used by XLAT. and it's the return value of some instructions like CPUID and others ...

ESP = Stack Pointer, which points to the current stack. used by PUSH, POP, CALL, RET, IRET, ENTER, LEAVE ...

EBP = Base Pointer, which is used to save the current stack frame. it's used by the ENTER and LEAVE instructions.
in your example, if you had used LEAVE before the RET instruction you would crash. (and you wouldn't crash if you followed what Tomasz wrote)

ESI = Source Index, see below.
EDI = Destination Index, see below.

both ESI and EDI are used by string-instructions.

as for Calling Conventions, ProMiNick already mentioned the purpose of the Calling Conventions.

A Calling Convention is not fixed, meaning it can vary from one OS to another; also, to be more clear, it's not something specific to OSes or Libraries.

it's per function; for example 99.99% (and an infinite line of nines) of win32 api functions use the STDCALL Calling Convention.
however, some specific functions use the CDECL Calling Convention. (they were originally C Lib functions that were adopted by microsoft windows)

both STDCALL and CDECL require parameters to be PUSHed on the stack, however the stack cleaning is different.
STDCALL - the callee must clean the stack. (easier to call) (when making your own function you may forget about how many bytes you should clean)
CDECL - the caller must clean the stack. (you may forget to clean the stack after the call) (easier to implement a function)

that is not everything: both Calling Conventions require parameters to be pushed right-to-left; both Calling Conventions guarantee that EBX, ESP, EBP, ESI, EDI are non-volatile, meaning they will not be changed by the callee; in other words they are preserved by the callee.
while EAX, ECX, EDX are volatile, and they will be altered by the callee; if the caller wants to keep their values then the caller must preserve whatever content is in EAX, ECX, EDX.

and the return value is in EAX.

that is for x86 Calling Conventions, the 64-bit Calling Conventions are different.

as for your own functions, you don't have to follow any rules, especially if they are used within your program; you can customize them however you please.

but if you want to make a DLL, then you probably want to follow the STDCALL Calling Convention; otherwise you have to document your custom Calling Convention.

in general STDCALL is the most used Calling Convention, and luckily fasm has some macros for stdcall.
invoke - indirect (optional)
stdcall - direct (optional)

as for making a function, PROC and ENDP pairs are used. (optional)

_________________Asm For Wise Humans

13 May 2020, 21:53
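The stack-cleanup difference between CDECL and STDCALL described in the post above, as an added fasm example that is not code from the thread. The names `add_cdecl` and `add_stdcall` are hypothetical, and the program is assumed to be built as a 32-bit Linux ELF so it needs no import tables.

```asm
format ELF executable 3
entry start

segment readable executable

; int add_cdecl(int a, int b): the caller removes the arguments
add_cdecl:
        push    ebp
        mov     ebp, esp
        mov     eax, [ebp+8]        ; a (first argument, pushed last)
        add     eax, [ebp+12]       ; b
        pop     ebp
        ret                         ; plain RET: both arguments are still on the stack

; int add_stdcall(int a, int b): the callee removes the arguments
add_stdcall:
        push    ebp
        mov     ebp, esp
        mov     eax, [ebp+8]
        add     eax, [ebp+12]
        pop     ebp
        ret     8                   ; pop the return address, then drop 8 bytes of arguments

start:
        mov     esi, esp            ; ESI is non-volatile, so it survives both calls

        push    2                   ; b (arguments go right-to-left)
        push    40                  ; a
        call    add_cdecl
        add     esp, 8              ; cdecl: the caller cleans the stack
        mov     ebx, eax            ; keep the first result

        push    2
        push    40
        call    add_stdcall         ; stdcall: nothing for the caller to clean
        sub     ebx, eax            ; zero when both functions returned the same sum

        sub     esi, esp            ; zero when ESP is back where it started
        or      ebx, esi            ; exit status is zero only if both checks passed
        mov     eax, 1              ; sys_exit
        int     0x80
```

Mixing the conventions up (an extra `add esp, 8` after the stdcall call, or none after the cdecl call) leaves ESP off by 8 and shows up as a non-zero exit status here; in a real program the next RET would pick up the wrong return address.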

Stefx

Joined: 24 Apr 2020
Posts: 12

@ProMiNick @Ali.Z
Thanks a lot for explaining, many things are now clear for me.

14 May 2020, 09:10

Stefx

Joined: 24 Apr 2020
Posts: 12

And here I am after a long break with another question.
Currently I am on "Introduction to x86 assembly, part 5: CoMParing numbers".
I would like to ask why only the first 3 letters change size to small and the rest remain unchanged?

22 May 2020, 19:00

ProMiNick

Joined: 24 Mar 2012
Posts: 533
Location: Russian Federation, Sochi

somewhere a call to ToLowerCase happened,
where the first param passed is the string to convert (and in the current case I could suppose that it is the address of the "example" var),
where the 2nd param is the count of chars from the beginning to convert (and in the current case I could suppose that it is the value 3)

the lowercase transformation itself is adding to the char the difference between the lowercase char and the uppercase one; it is 'a'-'A'=$20=20h
add byte[edx],20h
note: it REQUIRES the source string to consist only of ENGLISH CAPITAL LETTER ASCIIs; for other sources it will convert strings to garbage.

Quote:

where the 2nd param is the count of chars from the beginning to convert (and in the current case I could suppose that it is the value 3)

that is the answer to your question.

22 May 2020, 20:07

Stefx

Joined: 24 Apr 2020
Posts: 12

Yeah that's right @ProMiNick, I found at the beginning of the code

Code:

start:
push 3
push example
call ToLowerCase

after switching the value 3 to another number I can convert many more letters.
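A defensive variant of the conversion discussed in the posts above, as an added fasm example that is not the tutorial's ToLowerCase and not code from the thread. The routine name `ToLowerChecked` and the sample string are hypothetical, it is assumed to use STDCALL and to be built as a 32-bit Linux ELF; it only changes bytes in 'A'..'Z' and stops at the terminating zero even when the count is larger than the string.

```asm
format ELF executable 3
entry start

segment readable executable

; void ToLowerChecked(char *s, unsigned count), stdcall (hypothetical routine)
; Converts at most `count` bytes, stops at the terminating 0,
; and changes a byte only if it is an ASCII capital letter.
ToLowerChecked:
        push    ebp
        mov     ebp, esp
        mov     edx, [ebp+8]        ; s
        mov     ecx, [ebp+12]       ; count
        jecxz   .done               ; count = 0: nothing to do
.next:
        mov     al, [edx]
        test    al, al
        jz      .done               ; end of string reached before count ran out
        cmp     al, 'A'
        jb      .skip               ; below 'A': leave the byte alone
        cmp     al, 'Z'
        ja      .skip               ; above 'Z': leave the byte alone
        add     byte [edx], 20h     ; 'a'-'A'
.skip:
        inc     edx
        dec     ecx
        jnz     .next
.done:
        pop     ebp
        ret     8                   ; stdcall: callee drops both arguments

start:
        push    100                 ; count deliberately larger than the string
        push    sample
        call    ToLowerChecked

        mov     eax, 4              ; sys_write
        mov     ebx, 1              ; stdout
        mov     ecx, sample
        mov     edx, sample_len
        int     0x80
        mov     eax, 1              ; sys_exit
        xor     ebx, ebx
        int     0x80

segment readable writeable
sample  db 'Hello, WORLD 42!', 10, 0 ; constructed sample input
sample_len = $ - sample - 1          ; length without the terminating 0
```

Without the zero-byte check, a count larger than the buffer would make the unconditional `add byte[edx],20h` loop modify whatever memory follows the string.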
